From nobody Mon Nov 25 02:57:57 2024 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F15C9139579 for ; Thu, 31 Oct 2024 15:46:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=193.142.43.55 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730389588; cv=none; b=Dv90dZfTtnsFsVcGpx2decL9TLUaQFFH1W3g1GBzzPi32H3vutPBejCwvr8KtT6CGNTuUgAntErCUr5AysVaXACokxMES8zSlcuP4qbvF2fcjVhAdpgtsvrplddBHKJ9y4880Vg+b+Z1QbgkI93fD9+0F3OJqOcVkB4P5Nbj+yc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730389588; c=relaxed/simple; bh=XRuhxhopLzO5Vu9qd4cNixf/PZpl4ZiPpEttVfHF2Cs=; h=Message-ID:From:To:Cc:Subject:References:MIME-Version: Content-Type:Date; b=tFm6KH1GXiAjv4RE56YhxCp+9QkTsqKq0DzxC51qMfARjN6G7NfaX6EAqd/9oJPau3bFIBRPmLX+vCn5/E4hSrLobz7kw2Wxl2u+UrDT9sMnUfkYEyeZko7IUx3h1qKo+HUJZdUTO0VUalkX0Z+C8+HQPm6ymTgQ3Vvx3gp6dw8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de; spf=pass smtp.mailfrom=linutronix.de; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=SWFTd9ud; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=4lO0nV6r; arc=none smtp.client-ip=193.142.43.55 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linutronix.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="SWFTd9ud"; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="4lO0nV6r" Message-ID: <20241031154424.613821401@linutronix.de> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1730389584; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: references:references; bh=s4k0a+5vBj3M/rE56Uz/IJf6Dawsk5+OJfCywabMbsY=; b=SWFTd9udKnyNdBTtAYFS9SVIxTeSY9O3L7oqfH7eZ9jZeqfABsTzoh52oUz//RfDN4LNHW 1MVBvrMs9YAsQLvRuCYhTMqspzliS1cPiyEONbQ25p2oVzUjwi7SDyfaXgdelJlCE1o8wE XCYwYtTgeMB4HLpyZqfp6k8CGOaVEGvqsxDPWyS1tqYKFcM3PtpMlTzTdDyq5U37l8g5uK W6Mu4rMJ0cRlWk7zc/Qob905coT/NmM/hbIIsPrtMgFtI+pcDBvY4OcSU1Q+k1GOscNf59 CjiIWcSm1fS2KqqbOpLJIAF+e4KVMqOcgCuJJS1CRWRXNjh3XsVKoNy9Eg6VVQ== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1730389584; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: references:references; bh=s4k0a+5vBj3M/rE56Uz/IJf6Dawsk5+OJfCywabMbsY=; b=4lO0nV6rn0xzHpIkQufvGKFHb+GyogUdu6Qjti3e2/GzakIPfIWhytkPtHkFnlFaOLW/Yj guwHC42mhX7BfnAA== From: Thomas Gleixner To: LKML Cc: Anna-Maria Behnsen , Frederic Weisbecker , John Stultz , Peter Zijlstra , Ingo Molnar , Stephen Boyd , Eric Biederman , Oleg Nesterov Subject: [patch v6 01/20] posix-timers: Make signal delivery consistent References: <20241031151625.361697424@linutronix.de> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Date: Thu, 31 Oct 2024 16:46:24 +0100 (CET) Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Thomas Gleixner Signals of timers which are reprogammed, disarmed or deleted can deliver signals related to the past. The POSIX spec is blury about this: - "The effect of disarming or resetting a timer with pending expiration notifications is unspecified." - "The disposition of pending signals for the deleted timer is unspecified." In both cases it is reasonable to expect that pending signals are discarded. Especially in the reprogramming case it does not make sense to account for previous overruns or to deliver a signal for a timer which has been disarmed. This makes the behaviour consistent and understandable. Remove the si_sys_private check from the signal delivery code and invoke posix_timer_deliver_signal() unconditionally for posix timer related signals. Change posix_timer_deliver_signal() so it controls the actual signal delivery via the return value. It now instructs the signal code to drop the signal when: 1) The timer does not longer exist in the hash table 2) The timer signal_seq value is not the same as the si_sys_private value which was set when the signal was queued. This is also a preparatory change to embed the sigqueue into the k_itimer structure, which in turn allows to remove the si_sys_private magic. Signed-off-by: Thomas Gleixner Reviewed-by: Frederic Weisbecker --- V6: Remove the sequence increment from delivery and turn the requeue pending check into a WARN_ON_ONCE() (Frederic) Move the sequence increment into the delete hook so that the exit cleanup path is covered too --- include/linux/posix-timers.h | 2 -- kernel/signal.c | 6 ++---- kernel/time/posix-cpu-timers.c | 2 +- kernel/time/posix-timers.c | 28 ++++++++++++++++------------ 4 files changed, 19 insertions(+), 19 deletions(-) --- --- a/include/linux/posix-timers.h +++ b/include/linux/posix-timers.h @@ -137,8 +137,6 @@ static inline void clear_posix_cputimers static inline void posix_cputimers_init_work(void) { } #endif =20 -#define REQUEUE_PENDING 1 - /** * struct k_itimer - POSIX.1b interval timer structure. * @list: List head for binding the timer to signals->posix_timers --- a/kernel/signal.c +++ b/kernel/signal.c @@ -550,10 +550,8 @@ static void collect_signal(int sig, stru list_del_init(&first->list); copy_siginfo(info, &first->info); =20 - *resched_timer =3D - (first->flags & SIGQUEUE_PREALLOC) && - (info->si_code =3D=3D SI_TIMER) && - (info->si_sys_private); + *resched_timer =3D (first->flags & SIGQUEUE_PREALLOC) && + (info->si_code =3D=3D SI_TIMER); =20 __sigqueue_free(first); } else { --- a/kernel/time/posix-cpu-timers.c +++ b/kernel/time/posix-cpu-timers.c @@ -746,7 +746,7 @@ static void __posix_cpu_timer_get(struct * - Timers which expired, but the signal has not yet been * delivered */ - if (iv && ((timer->it_signal_seq & REQUEUE_PENDING) || sigev_none)) + if (iv && timer->it_status !=3D POSIX_TIMER_ARMED) expires =3D bump_cpu_timer(timer, now); else expires =3D cpu_timer_getexpires(&timer->it.cpu); --- a/kernel/time/posix-timers.c +++ b/kernel/time/posix-timers.c @@ -269,7 +269,10 @@ bool posixtimer_deliver_signal(struct ke if (!timr) goto out; =20 - if (timr->it_interval && timr->it_signal_seq =3D=3D info->si_sys_private)= { + if (timr->it_signal_seq !=3D info->si_sys_private) + goto out_unlock; + + if (timr->it_interval && !WARN_ON_ONCE(timr->it_status !=3D POSIX_TIMER_R= EQUEUE_PENDING)) { timr->kclock->timer_rearm(timr); =20 timr->it_status =3D POSIX_TIMER_ARMED; @@ -281,6 +284,7 @@ bool posixtimer_deliver_signal(struct ke } ret =3D true; =20 +out_unlock: unlock_timer(timr, flags); out: spin_lock(¤t->sighand->siglock); @@ -293,19 +297,18 @@ bool posixtimer_deliver_signal(struct ke int posix_timer_queue_signal(struct k_itimer *timr) { enum posix_timer_state state =3D POSIX_TIMER_DISARMED; - int ret, si_private =3D 0; enum pid_type type; + int ret; =20 lockdep_assert_held(&timr->it_lock); =20 - if (timr->it_interval) { + if (timr->it_interval) state =3D POSIX_TIMER_REQUEUE_PENDING; - si_private =3D ++timr->it_signal_seq; - } + timr->it_status =3D state; =20 type =3D !(timr->it_sigev_notify & SIGEV_THREAD_ID) ? PIDTYPE_TGID : PIDT= YPE_PID; - ret =3D send_sigqueue(timr->sigq, timr->it_pid, type, si_private); + ret =3D send_sigqueue(timr->sigq, timr->it_pid, type, timr->it_signal_seq= ); /* If we failed to send the signal the timer stops. */ return ret > 0; } @@ -663,7 +666,7 @@ void common_timer_get(struct k_itimer *t * is a SIGEV_NONE timer move the expiry time forward by intervals, * so expiry is > now. */ - if (iv && (timr->it_signal_seq & REQUEUE_PENDING || sig_none)) + if (iv && timr->it_status !=3D POSIX_TIMER_ARMED) timr->it_overrun +=3D kc->timer_forward(timr, now); =20 remaining =3D kc->timer_remaining(timr, now); @@ -863,8 +866,6 @@ void posix_timer_set_common(struct k_iti else timer->it_interval =3D 0; =20 - /* Prevent reloading in case there is a signal pending */ - timer->it_signal_seq =3D (timer->it_signal_seq + 2) & ~REQUEUE_PENDING; /* Reset overrun accounting */ timer->it_overrun_last =3D 0; timer->it_overrun =3D -1LL; @@ -882,8 +883,6 @@ int common_timer_set(struct k_itimer *ti if (old_setting) common_timer_get(timr, old_setting); =20 - /* Prevent rearming by clearing the interval */ - timr->it_interval =3D 0; /* * Careful here. On SMP systems the timer expiry function could be * active and spinning on timr->it_lock. @@ -933,6 +932,9 @@ static int do_timer_settime(timer_t time if (old_spec64) old_spec64->it_interval =3D ktime_to_timespec64(timr->it_interval); =20 + /* Prevent signal delivery and rearming. */ + timr->it_signal_seq++; + kc =3D timr->kclock; if (WARN_ON_ONCE(!kc || !kc->timer_set)) error =3D -EINVAL; @@ -1001,7 +1003,6 @@ int common_timer_del(struct k_itimer *ti { const struct k_clock *kc =3D timer->kclock; =20 - timer->it_interval =3D 0; if (kc->timer_try_to_cancel(timer) < 0) return TIMER_RETRY; timer->it_status =3D POSIX_TIMER_DISARMED; @@ -1012,6 +1013,9 @@ static inline int timer_delete_hook(stru { const struct k_clock *kc =3D timer->kclock; =20 + /* Prevent signal delivery and rearming. */ + timer->it_signal_seq++; + if (WARN_ON_ONCE(!kc || !kc->timer_del)) return -EINVAL; return kc->timer_del(timer);